Is it a security risk?No. Just so long as you let the rest of the blockchain download on top of it. Would be impossible to create a blockchain that was fake that could have real blocks linked on top of it. Just check that the number of blocks in the client matches the number here http://blockexplorer.com/q/getblockcount .

If service is well used will update daily.

Sorry file is very large so can not host for free - downloader pays if they want a high speed download - but you can pay in bitcoins!

When the next block comes in from the p2p network, it contains in it the HASH of the previous block.

It is impossible to create a block that has a given HASH (this is the whole principle on which Bitcoin is built).

As such it would be impossible for me to create a fake blockchain that included a block at its head that had the correct HASH.

So if I was a scammer and created a fake blockchain you would never get any new blocks in the client as it would reject them all as they would have an incorrect HASH in them.

Only way I could scam you would be to ensure that you got a fake blockchain and only connected to my fake servers, and I had enough resources to create a fake blockchain the same length as the current live one.

Explain to me why you think I am wrong.

Thanks

Robin

PS - If I am wrong will happily remove file from site as do not want to reduce the security.

I was sick of waiting 24hours for blockchains to download so I have uploaded one for all to download.

This sentence makes no sense at all. You were sick of waiting for the download, so you uploaded it???? So you uploaded it before you even downloaded it? I think nibor just wants to collect points for his ul.to upload....his "hard work".

You can use them by simply uncompressing them into your existing bitcoindata directory and opening bitcoin with the -rescan option.That would be some variation onUser Folder/AppData/Roaming/Bitcoin or User Folder/Application Data/Bitcoin on Windows,or some variation on User Folder/.bitcoin/ on UNIX/Mac.

I will sign you up anonymously at realitykings.com (http://rk.com)[NSFW] for Bitcoins with 20% discount!http://timmey.orgfree.com/s.phpread all details in this thread (https://bitcointalk.org/index.php?topic=3242

When the next block comes in from the p2p network, it contains in it the HASH of the previous block.

It is impossible to create a block that has a given HASH (this is the whole principle on which Bitcoin is built).

As such it would be impossible for me to create a fake blockchain that included a block at its head that had the correct HASH.

So if I was a scammer and created a fake blockchain you would never get any new blocks in the client as it would reject them all as they would have an incorrect HASH in them.

Only way I could scam you would be to ensure that you got a fake blockchain and only connected to my fake servers, and I had enough resources to create a fake blockchain the same length as the current live one.

Explain to me why you think I am wrong.

Thanks

Robin

PS - If I am wrong will happily remove file from site as do not want to reduce the security.

The problem is that the client won't check that the block hash is correct, nor will it check the merkle tree. As such, you could modify a block and any client who uses your blockchain download will just assume that it's correct. That's why you should only download the blockchain files from the P2P network, where it is verified, or a HIGHLY trusted developer (which is the case for the bluematt.me site).

because it is not just an hour in severe cases..if ppl get to know the idea and want to instantly try some transaction or even buy sth with the backed up wallet.dat using another computer.. I think one could make up much more cases weher it could be handy to setup the env very fast.. until there is a trustworthy bank online and/or apps dealing with all of that "nerdy" hurdles

How is having one http link that much faster than having your client download it?I mean, what if you connect to specific, trusted nodes with the addnode switch... shouldn't some bitcoin nodes be just as fast to download from as an http link?

For that you would need to know that there is an addnode switch, how to use it and you would need know IPs too add. Besides that, if you download it via http you can download a compressed archive of the blockchain, if you download it through the client you will get the blockchain snippet by snippet (uncompressed, if i'm not wrong). Also if you are behind Router that uses NAT, you might only get ~8 connections in the client which will cause the download to slow down eventually.

Why aint that Link to fastly get the blockchain in the readmy of the client?!

Because it's not part of the Bitcoin project, the http source is provided by a third party. The external download, outside of the client and from a third party source, comes with the risk of downloading a manipulated block chain. That's why it's not mentioned in the official readme (i guess).

I will sign you up anonymously at realitykings.com (http://rk.com)[NSFW] for Bitcoins with 20% discount!http://timmey.orgfree.com/s.phpread all details in this thread (https://bitcointalk.org/index.php?topic=3242

How is having one http link that much faster than having your client download it?I mean, what if you connect to specific, trusted nodes with the addnode switch... shouldn't some bitcoin nodes be just as fast to download from as an http link?

For that you would need to know that there is an addnode switch, how to use it and you would need know IPs too add. Besides that, if you download it via http you can download a compressed archive of the blockchain, if you download it through the client you will get the blockchain snippet by snippet (uncompressed, if i'm not wrong).

I don't know if the p2p snippet download of the blockchain is compressed on the fly snippet by snippet or not. Even if each snippet is downloaded compressed, you would have an overhead because you would download a huge amount of single compressed snippets and not one huge compressed file.

I will sign you up anonymously at realitykings.com (http://rk.com)[NSFW] for Bitcoins with 20% discount!http://timmey.orgfree.com/s.phpread all details in this thread (https://bitcointalk.org/index.php?topic=3242

The problem is that the client won't check that the block hash is correct, nor will it check the merkle tree. As such, you could modify a block and any client who uses your blockchain download will just assume that it's correct. That's why you should only download the blockchain files from the P2P network, where it is verified, or a HIGHLY trusted developer (which is the case for the bluematt.me site).

I still disagree.

Looking at the source when a new block message comes in it is passed to ProcessBlock (in main.cpp).After checking that the block is valid (which it is as came from p2p) it checks we have the previous block (using the hash of that block).

Code:

if (!mapBlockIndex.count(pblock->hashPrevBlock))

In the case of a "fake chain" it would not be able to find the previous block (as it is impossible to create a fake block with the correct hash) so would mark the new block as an Orphan. What is even smarter is that it then requests from the p2p the predecessor.And this continues till the chain is correct (the real chain will become the best chain as soon as the last block (block 1) links to the Genesis Block.

So there is no security risk of downloading a pre-created chain. Only risk is that if you did download a fake chain your client would end up downloading the real chain backwards (and I assume rather slowly).

Only security risks are if download fake chain and you only connect to "fake nodes" (or there is a bug in the above code). As such if you do download a chain seems sensible to delete the addr.dat file as that could cause you to connect to fake nodes.

But I do agree with you, if you have 100's of coins and want to be sure you should let the client download all from the p2p, but if you are a newbie and just want to have a play sending a few cents about, then downloading the precreated chain from http://bitcoin.bluematt.me/bitcoin-nightly/blockchain-nightly/ is a speedy and secure route.

Maged - I am not trying to start a fight, just want to be sure that I really understand how the client works, as am working on BitcoinJ and do not want to introduce bugs there.

When the next block comes in from the p2p network, it contains in it the HASH of the previous block.

It is impossible to create a block that has a given HASH (this is the whole principle on which Bitcoin is built).

As such it would be impossible for me to create a fake blockchain that included a block at its head that had the correct HASH.

So if I was a scammer and created a fake blockchain you would never get any new blocks in the client as it would reject them all as they would have an incorrect HASH in them.

Only way I could scam you would be to ensure that you got a fake blockchain and only connected to my fake servers, and I had enough resources to create a fake blockchain the same length as the current live one.

Explain to me why you think I am wrong.

Thanks

Robin

PS - If I am wrong will happily remove file from site as do not want to reduce the security.

The problem is that the client won't check that the block hash is correct, nor will it check the merkle tree. As such, you could modify a block and any client who uses your blockchain download will just assume that it's correct. That's why you should only download the blockchain files from the P2P network, where it is verified, or a HIGHLY trusted developer (which is the case for the bluematt.me site).